Beware spyware

Two days ago, we realised our home laptop was infected with spyware. Whenever we did a Google web search, the results page titles would all be reasonable, but the actual websites returned were rubbish. The results would take you to pages full of advertising, rather than useful content. Clearly, something was very wrong.

We are running an up-to-date copy of the McAfee scanner, but it hadn’t picked up anything, and a full scan resulted in a verdict of all clear. Sorry, McAfee, you fail.

Yesterday, I downloaded Microsoft’s Windows Defender – software that is designed specifically to find this sort of thing. It didn’t find anything.

I also tried downloading Symantec’s Norton AntiBot (free for 15 day trial). It was worth the money I paid, i.e. nothing. AntiBot couldn’t find the spyware. At this point, three big guns – McAfee, Microsoft and Symantec – had completely failed.

The only other symptom with our infection was that, under Firefox, when the Google search results page was being returned, “Connecting to 1.2.3.0 …” was briefly shown in the browser. Doing a search for that returned some results with titles suggesting that people at the CyberTechHelp forums had similar problems on their PCs.

The helpful support guys there recommended the free Malwarebytes’ Anti-Malware software to fix it. A scan quickly found something named Trojan.Agent hiding in a fake sound driver in the c:\windows\ directory, which it then removed. Everything was back to normal!

You should never know if your anti-virus tool is any good. Ideally, you should never find yourself infected, so never find out if your tool has a weakness. Unfortunately, we did find our PC infected, so we did learn that our anti-virus tool was no good. The lesson for me is that the free tools can be superior to the big name, expensive tools. I won’t be renewing my McAfee subscription.

9 thoughts on “Beware spyware”

  1. Well done on your investigation.
    You are one of the few that actually took the time to find the problem and fix it.
    And as you realized, free can be as good as paid for.
    Well done!

  2. Thank you for validating my refusal to fork out for ‘proper’ virus protector these days. Not sure how great our freebies are though – my laptop seems happy enough but apparently the other PC has some kind of contagion – ugh!

  3. Yes mate. Honestly, Ive thrown almost everything at this without any luck. Im just about to post a hijack log file on bleepingcomputer — hopefully someone over there might be able to offer some assistance.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.